@authsignal/browser 0.3.7 → 0.4.1

package/dist/api/passkey-api-client.d.ts

@@ -1,4 +1,4 @@
-import { AddAuthenticatorRequest, AddAuthenticatorResponse, AuthenticationOptsRequest, AuthenticationOptsResponse, RegistrationOptsRequest, RegistrationOptsResponse, VerifyRequest, VerifyResponse } from "./types";
+import { AddAuthenticatorRequest, AddAuthenticatorResponse, AuthenticationOptsRequest, AuthenticationOptsResponse, PasskeyAuthenticatorResponse, RegistrationOptsRequest, RegistrationOptsResponse, VerifyRequest, VerifyResponse } from "./types";
 declare type PasskeyApiClientOptions = {
     baseUrl: string;
     tenantId: string;
@@ -7,10 +7,11 @@ export declare class PasskeyApiClient {
     tenantId: string;
     baseUrl: string;
     constructor({ baseUrl, tenantId }: PasskeyApiClientOptions);
-    registrationOptions({ token, userName }: RegistrationOptsRequest): Promise<RegistrationOptsResponse>;
+    registrationOptions({ token, userName, authenticatorAttachment, }: RegistrationOptsRequest): Promise<RegistrationOptsResponse>;
     authenticationOptions({ token }: AuthenticationOptsRequest): Promise<AuthenticationOptsResponse>;
     addAuthenticator({ token, ...rest }: AddAuthenticatorRequest): Promise<AddAuthenticatorResponse>;
     verify({ token, ...rest }: VerifyRequest): Promise<VerifyResponse>;
+    getPasskeyAuthenticator(credentialId: string): Promise<PasskeyAuthenticatorResponse>;
     private buildHeaders;
 }
 export {};

package/dist/api/types.d.ts

@@ -1,7 +1,8 @@
-import { AuthenticationResponseJSON, PublicKeyCredentialCreationOptionsJSON, RegistrationResponseJSON } from "@simplewebauthn/types";
+import { AuthenticationResponseJSON, AuthenticatorAttachment, PublicKeyCredentialCreationOptionsJSON, RegistrationResponseJSON } from "@simplewebauthn/types";
 export declare type RegistrationOptsRequest = {
     userName?: string;
     token: string;
+    authenticatorAttachment?: AuthenticatorAttachment | null;
 };
 export declare type RegistrationOptsResponse = {
     challengeId: string;
@@ -33,3 +34,7 @@ export declare type VerifyResponse = {
     isVerified: boolean;
     accessToken?: string;
 };
+export declare type PasskeyAuthenticatorResponse = {
+    credentialId: string;
+    verifiedAt: string;
+};

package/dist/handlers/popup-handler.d.ts

@@ -1,18 +1,18 @@
+import { A11yDialogEvent } from "a11y-dialog";
 declare type PopupShowInput = {
     url: string;
 };
-declare type EventType = "show" | "hide" | "destroy" | "create";
-declare type EventHandler = (node: Element, event?: Event) => void;
 declare type PopupHandlerOptions = {
     width?: string;
+    isClosable?: boolean;
 };
 export declare class PopupHandler {
     private popup;
-    constructor({ width }: PopupHandlerOptions);
-    create({ width }: PopupHandlerOptions): void;
+    constructor({ width, isClosable }: PopupHandlerOptions);
+    create({ width, isClosable }: PopupHandlerOptions): void;
     destroy(): void;
     show({ url }: PopupShowInput): void;
     close(): void;
-    on(event: EventType, handler: EventHandler): void;
+    on(event: A11yDialogEvent, listener: EventListener): void;
 }
 export {};

package/dist/index.js

@@ -543,18 +543,21 @@ var PasskeyApiClient = /** @class */ (function () {
         this.baseUrl = baseUrl;
     }
     PasskeyApiClient.prototype.registrationOptions = function (_a) {
-        var token = _a.token, userName = _a.userName;
+        var token = _a.token, userName = _a.userName, authenticatorAttachment = _a.authenticatorAttachment;
         return __awaiter(this, void 0, void 0, function () {
-            var request;
+            var body, response;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
-                        request = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/registration-options"), {
+                        body = Boolean(authenticatorAttachment)
+                            ? { username: userName, authenticatorAttachment: authenticatorAttachment }
+                            : { username: userName };
+                        response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/registration-options"), {
                             method: "POST",
                             headers: this.buildHeaders(token),
-                            body: JSON.stringify({ username: userName })
+                            body: JSON.stringify(body)
                         });
-                        return [4 /*yield*/, request];
+                        return [4 /*yield*/, response];
                     case 1: return [2 /*return*/, (_b.sent()).json()];
                 }
             });
@@ -563,16 +566,16 @@ var PasskeyApiClient = /** @class */ (function () {
     PasskeyApiClient.prototype.authenticationOptions = function (_a) {
         var token = _a.token;
         return __awaiter(this, void 0, void 0, function () {
-            var request;
+            var response;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
-                        request = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/authentication-options"), {
+                        response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey/authentication-options"), {
                             method: "POST",
                             headers: this.buildHeaders(token),
                             body: JSON.stringify({})
                         });
-                        return [4 /*yield*/, request];
+                        return [4 /*yield*/, response];
                     case 1: return [2 /*return*/, (_b.sent()).json()];
                 }
             });
@@ -581,16 +584,16 @@ var PasskeyApiClient = /** @class */ (function () {
     PasskeyApiClient.prototype.addAuthenticator = function (_a) {
         var token = _a.token, rest = __rest(_a, ["token"]);
         return __awaiter(this, void 0, void 0, function () {
-            var request;
+            var response;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
-                        request = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey"), {
+                        response = fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey"), {
                             method: "POST",
                             headers: this.buildHeaders(token),
                             body: JSON.stringify(rest)
                         });
-                        return [4 /*yield*/, request];
+                        return [4 /*yield*/, response];
                     case 1: return [2 /*return*/, (_b.sent()).json()];
                 }
             });
@@ -599,21 +602,40 @@ var PasskeyApiClient = /** @class */ (function () {
     PasskeyApiClient.prototype.verify = function (_a) {
         var token = _a.token, rest = __rest(_a, ["token"]);
         return __awaiter(this, void 0, void 0, function () {
-            var request;
+            var response;
             return __generator(this, function (_b) {
                 switch (_b.label) {
                     case 0:
-                        request = fetch("".concat(this.baseUrl, "/client/verify/passkey"), {
+                        response = fetch("".concat(this.baseUrl, "/client/verify/passkey"), {
                             method: "POST",
                             headers: this.buildHeaders(token),
                             body: JSON.stringify(rest)
                         });
-                        return [4 /*yield*/, request];
+                        return [4 /*yield*/, response];
                     case 1: return [2 /*return*/, (_b.sent()).json()];
                 }
             });
         });
     };
+    PasskeyApiClient.prototype.getPasskeyAuthenticator = function (credentialId) {
+        return __awaiter(this, void 0, void 0, function () {
+            var response;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, fetch("".concat(this.baseUrl, "/client/user-authenticators/passkey?credentialId=").concat(credentialId), {
+                            method: "GET",
+                            headers: this.buildHeaders()
+                        })];
+                    case 1:
+                        response = _a.sent();
+                        if (!response.ok) {
+                            throw new Error(response.statusText);
+                        }
+                        return [2 /*return*/, response.json()];
+                }
+            });
+        });
+    };
     PasskeyApiClient.prototype.buildHeaders = function (token) {
         var authorizationHeader = token ? "Bearer ".concat(token) : "Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)));
         return {
@@ -627,27 +649,31 @@ var PasskeyApiClient = /** @class */ (function () {
 var Passkey = /** @class */ (function () {
     function Passkey(_a) {
         var baseUrl = _a.baseUrl, tenantId = _a.tenantId;
+        this.passkeyLocalStorageKey = "as_passkey_credential_id";
         this.api = new PasskeyApiClient({ baseUrl: baseUrl, tenantId: tenantId });
     }
     Passkey.prototype.signUp = function (_a) {
-        var userName = _a.userName, token = _a.token;
+        var userName = _a.userName, token = _a.token, _b = _a.authenticatorAttachment, authenticatorAttachment = _b === void 0 ? "platform" : _b;
         return __awaiter(this, void 0, void 0, function () {
             var optionsResponse, registrationResponse, addAuthenticatorResponse;
-            return __generator(this, function (_b) {
-                switch (_b.label) {
-                    case 0: return [4 /*yield*/, this.api.registrationOptions({ userName: userName, token: token })];
+            return __generator(this, function (_c) {
+                switch (_c.label) {
+                    case 0: return [4 /*yield*/, this.api.registrationOptions({ userName: userName, token: token, authenticatorAttachment: authenticatorAttachment })];
                     case 1:
-                        optionsResponse = _b.sent();
+                        optionsResponse = _c.sent();
                         return [4 /*yield*/, startRegistration(optionsResponse.options)];
                     case 2:
-                        registrationResponse = _b.sent();
+                        registrationResponse = _c.sent();
                         return [4 /*yield*/, this.api.addAuthenticator({
                                 challengeId: optionsResponse.challengeId,
                                 registrationCredential: registrationResponse,
                                 token: token
                             })];
                     case 3:
-                        addAuthenticatorResponse = _b.sent();
+                        addAuthenticatorResponse = _c.sent();
+                        if (addAuthenticatorResponse === null || addAuthenticatorResponse === void 0 ? void 0 : addAuthenticatorResponse.isVerified) {
+                            this.storeCredentialAgainstDevice(registrationResponse);
+                        }
                         return [2 /*return*/, addAuthenticatorResponse === null || addAuthenticatorResponse === void 0 ? void 0 : addAuthenticatorResponse.accessToken];
                 }
             });
@@ -675,11 +701,46 @@ var Passkey = /** @class */ (function () {
                             })];
                     case 3:
                         verifyResponse = _a.sent();
+                        if (verifyResponse === null || verifyResponse === void 0 ? void 0 : verifyResponse.isVerified) {
+                            this.storeCredentialAgainstDevice(authenticationResponse);
+                        }
                         return [2 /*return*/, verifyResponse === null || verifyResponse === void 0 ? void 0 : verifyResponse.accessToken];
                 }
             });
         });
     };
+    Passkey.prototype.isAvailableOnDevice = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            var credentialId;
+            return __generator(this, function (_b) {
+                switch (_b.label) {
+                    case 0:
+                        credentialId = localStorage.getItem(this.passkeyLocalStorageKey);
+                        if (!credentialId) {
+                            return [2 /*return*/, false];
+                        }
+                        _b.label = 1;
+                    case 1:
+                        _b.trys.push([1, 3, , 4]);
+                        return [4 /*yield*/, this.api.getPasskeyAuthenticator(credentialId)];
+                    case 2:
+                        _b.sent();
+                        return [2 /*return*/, true];
+                    case 3:
+                        _b.sent();
+                        return [2 /*return*/, false];
+                    case 4: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    Passkey.prototype.storeCredentialAgainstDevice = function (_a) {
+        var id = _a.id, authenticatorAttachment = _a.authenticatorAttachment;
+        if (authenticatorAttachment === "cross-platform") {
+            return;
+        }
+        localStorage.setItem(this.passkeyLocalStorageKey, id);
+    };
     return Passkey;
 }());
 
@@ -716,408 +777,423 @@ function openWindow(_a) {
     return window.open(url, "", "toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(width, ", height=").concat(height, ", top=").concat(y, ", left=").concat(x));
 }
 
+const not = {
+  inert: ':not([inert]):not([inert] *)',
+  negTabIndex: ':not([tabindex^="-"])',
+  disabled: ':not(:disabled)',
+};
+
 var focusableSelectors = [
-  'a[href]:not([tabindex^="-"])',
-  'area[href]:not([tabindex^="-"])',
-  'input:not([type="hidden"]):not([type="radio"]):not([disabled]):not([tabindex^="-"])',
-  'input[type="radio"]:not([disabled]):not([tabindex^="-"])',
-  'select:not([disabled]):not([tabindex^="-"])',
-  'textarea:not([disabled]):not([tabindex^="-"])',
-  'button:not([disabled]):not([tabindex^="-"])',
-  'iframe:not([tabindex^="-"])',
-  'audio[controls]:not([tabindex^="-"])',
-  'video[controls]:not([tabindex^="-"])',
-  '[contenteditable]:not([tabindex^="-"])',
-  '[tabindex]:not([tabindex^="-"])',
+  `a[href]${not.inert}${not.negTabIndex}`,
+  `area[href]${not.inert}${not.negTabIndex}`,
+  `input:not([type="hidden"]):not([type="radio"])${not.inert}${not.negTabIndex}${not.disabled}`,
+  `input[type="radio"]${not.inert}${not.negTabIndex}${not.disabled}`,
+  `select${not.inert}${not.negTabIndex}${not.disabled}`,
+  `textarea${not.inert}${not.negTabIndex}${not.disabled}`,
+  `button${not.inert}${not.negTabIndex}${not.disabled}`,
+  `details${not.inert} > summary:first-of-type${not.negTabIndex}`,
+  // Discard until Firefox supports `:has()`
+  // See: https://github.com/KittyGiraudel/focusable-selectors/issues/12
+  // `details:not(:has(> summary))${not.inert}${not.negTabIndex}`,
+  `iframe${not.inert}${not.negTabIndex}`,
+  `audio[controls]${not.inert}${not.negTabIndex}`,
+  `video[controls]${not.inert}${not.negTabIndex}`,
+  `[contenteditable]${not.inert}${not.negTabIndex}`,
+  `[tabindex]${not.inert}${not.negTabIndex}`,
 ];
 
-var TAB_KEY = 'Tab';
-var ESCAPE_KEY = 'Escape';
-
 /**
- * Define the constructor to instantiate a dialog
- *
- * @constructor
- * @param {Element} element
+ * Set the focus to the first element with `autofocus` with the element or the
+ * element itself.
  */
-function A11yDialog(element) {
-  // Prebind the functions that will be bound in addEventListener and
-  // removeEventListener to avoid losing references
-  this._show = this.show.bind(this);
-  this._hide = this.hide.bind(this);
-  this._maintainFocus = this._maintainFocus.bind(this);
-  this._bindKeypress = this._bindKeypress.bind(this);
-
-  this.$el = element;
-  this.shown = false;
-  this._id = this.$el.getAttribute('data-a11y-dialog') || this.$el.id;
-  this._previouslyFocused = null;
-  this._listeners = {};
-
-  // Initialise everything needed for the dialog to work properly
-  this.create();
+function moveFocusToDialog(el) {
+    const focused = (el.querySelector('[autofocus]') || el);
+    focused.focus();
 }
-
-/**
- * Set up everything necessary for the dialog to be functioning
- *
- * @param {(NodeList | Element | string)} targets
- * @return {this}
- */
-A11yDialog.prototype.create = function () {
-  this.$el.setAttribute('aria-hidden', true);
-  this.$el.setAttribute('aria-modal', true);
-  this.$el.setAttribute('tabindex', -1);
-
-  if (!this.$el.hasAttribute('role')) {
-    this.$el.setAttribute('role', 'dialog');
-  }
-
-  // Keep a collection of dialog openers, each of which will be bound a click
-  // event listener to open the dialog
-  this._openers = $$('[data-a11y-dialog-show="' + this._id + '"]');
-  this._openers.forEach(
-    function (opener) {
-      opener.addEventListener('click', this._show);
-    }.bind(this)
-  );
-
-  // Keep a collection of dialog closers, each of which will be bound a click
-  // event listener to close the dialog
-  const $el = this.$el;
-
-  this._closers = $$('[data-a11y-dialog-hide]', this.$el)
-    // This filter is necessary in case there are nested dialogs, so that
-    // only closers from the current dialog are retrieved and effective
-    .filter(function (closer) {
-      // Testing for `[aria-modal="true"]` is not enough since this attribute
-      // and the collect of closers is done at instantation time, when nested
-      // dialogs might not have yet been instantiated. Note that if the dialogs
-      // are manually instantiated, this could still fail because none of these
-      // selectors would match; this would cause closers to close all parent
-      // dialogs instead of just the current one
-      return closer.closest('[aria-modal="true"], [data-a11y-dialog]') === $el
-    })
-    .concat($$('[data-a11y-dialog-hide="' + this._id + '"]'));
-
-  this._closers.forEach(
-    function (closer) {
-      closer.addEventListener('click', this._hide);
-    }.bind(this)
-  );
-
-  // Execute all callbacks registered for the `create` event
-  this._fire('create');
-
-  return this
-};
-
-/**
- * Show the dialog element, disable all the targets (siblings), trap the
- * current focus within it, listen for some specific key presses and fire all
- * registered callbacks for `show` event
- *
- * @param {CustomEvent} event
- * @return {this}
- */
-A11yDialog.prototype.show = function (event) {
-  // If the dialog is already open, abort
-  if (this.shown) {
-    return this
-  }
-
-  // Keep a reference to the currently focused element to be able to restore
-  // it later
-  this._previouslyFocused = document.activeElement;
-  this.$el.removeAttribute('aria-hidden');
-  this.shown = true;
-
-  // Set the focus to the dialog element
-  moveFocusToDialog(this.$el);
-
-  // Bind a focus event listener to the body element to make sure the focus
-  // stays trapped inside the dialog while open, and start listening for some
-  // specific key presses (TAB and ESC)
-  document.body.addEventListener('focus', this._maintainFocus, true);
-  document.addEventListener('keydown', this._bindKeypress);
-
-  // Execute all callbacks registered for the `show` event
-  this._fire('show', event);
-
-  return this
-};
-
-/**
- * Hide the dialog element, enable all the targets (siblings), restore the
- * focus to the previously active element, stop listening for some specific
- * key presses and fire all registered callbacks for `hide` event
- *
- * @param {CustomEvent} event
- * @return {this}
- */
-A11yDialog.prototype.hide = function (event) {
-  // If the dialog is already closed, abort
-  if (!this.shown) {
-    return this
-  }
-
-  this.shown = false;
-  this.$el.setAttribute('aria-hidden', 'true');
-
-  // If there was a focused element before the dialog was opened (and it has a
-  // `focus` method), restore the focus back to it
-  // See: https://github.com/KittyGiraudel/a11y-dialog/issues/108
-  if (this._previouslyFocused && this._previouslyFocused.focus) {
-    this._previouslyFocused.focus();
-  }
-
-  // Remove the focus event listener to the body element and stop listening
-  // for specific key presses
-  document.body.removeEventListener('focus', this._maintainFocus, true);
-  document.removeEventListener('keydown', this._bindKeypress);
-
-  // Execute all callbacks registered for the `hide` event
-  this._fire('hide', event);
-
-  return this
-};
-
-/**
- * Destroy the current instance (after making sure the dialog has been hidden)
- * and remove all associated listeners from dialog openers and closers
- *
- * @return {this}
- */
-A11yDialog.prototype.destroy = function () {
-  // Hide the dialog to avoid destroying an open instance
-  this.hide();
-
-  // Remove the click event listener from all dialog openers
-  this._openers.forEach(
-    function (opener) {
-      opener.removeEventListener('click', this._show);
-    }.bind(this)
-  );
-
-  // Remove the click event listener from all dialog closers
-  this._closers.forEach(
-    function (closer) {
-      closer.removeEventListener('click', this._hide);
-    }.bind(this)
-  );
-
-  // Execute all callbacks registered for the `destroy` event
-  this._fire('destroy');
-
-  // Keep an object of listener types mapped to callback functions
-  this._listeners = {};
-
-  return this
-};
-
 /**
- * Register a new callback for the given event type
- *
- * @param {string} type
- * @param {Function} handler
+ * Get the first and last focusable elements in a given tree.
  */
-A11yDialog.prototype.on = function (type, handler) {
-  if (typeof this._listeners[type] === 'undefined') {
-    this._listeners[type] = [];
-  }
-
-  this._listeners[type].push(handler);
-
-  return this
-};
-
-/**
- * Unregister an existing callback for the given event type
- *
- * @param {string} type
- * @param {Function} handler
- */
-A11yDialog.prototype.off = function (type, handler) {
-  var index = (this._listeners[type] || []).indexOf(handler);
-
-  if (index > -1) {
-    this._listeners[type].splice(index, 1);
-  }
-
-  return this
-};
-
+function getFocusableEdges(el) {
+    // Check for a focusable element within the subtree of `el`.
+    const first = findFocusableElement(el, true);
+    // Only if we find the first element do we need to look for the last one. If
+    // there’s no last element, we set `last` as a reference to `first` so that
+    // the returned array is always of length 2.
+    const last = first ? findFocusableElement(el, false) || first : null;
+    return [first, last];
+}
 /**
- * Iterate over all registered handlers for given type and call them all with
- * the dialog element as first argument, event as second argument (if any). Also
- * dispatch a custom event on the DOM element itself to make it possible to
- * react to the lifecycle of auto-instantiated dialogs.
- *
- * @access private
- * @param {string} type
- * @param {CustomEvent} event
+ * Find the first focusable element inside the given node if `forward` is truthy
+ * or the last focusable element otherwise.
  */
-A11yDialog.prototype._fire = function (type, event) {
-  var listeners = this._listeners[type] || [];
-  var domEvent = new CustomEvent(type, { detail: event });
-
-  this.$el.dispatchEvent(domEvent);
-
-  listeners.forEach(
-    function (listener) {
-      listener(this.$el, event);
-    }.bind(this)
-  );
-};
-
+function findFocusableElement(node, forward) {
+    // If we’re walking forward, check if this node is focusable, and return it
+    // immediately if it is.
+    if (forward && isFocusable(node))
+        return node;
+    // We should only search the subtree of this node if it can have focusable
+    // children.
+    if (canHaveFocusableChildren(node)) {
+        // Start walking the DOM tree, looking for focusable elements.
+        // Case 1: If this node has a shadow root, search it recursively.
+        if (node.shadowRoot) {
+            // Descend into this subtree.
+            let next = getNextChildEl(node.shadowRoot, forward);
+            // Traverse siblings, searching the subtree of each one
+            // for focusable elements.
+            while (next) {
+                const focusableEl = findFocusableElement(next, forward);
+                if (focusableEl)
+                    return focusableEl;
+                next = getNextSiblingEl(next, forward);
+            }
+        }
+        // Case 2: If this node is a slot for a Custom Element, search its assigned
+        // nodes recursively.
+        else if (node.localName === 'slot') {
+            const assignedElements = node.assignedElements({
+                flatten: true,
+            });
+            if (!forward)
+                assignedElements.reverse();
+            for (const assignedElement of assignedElements) {
+                const focusableEl = findFocusableElement(assignedElement, forward);
+                if (focusableEl)
+                    return focusableEl;
+            }
+        }
+        // Case 3: this is a regular Light DOM node. Search its subtree.
+        else {
+            // Descend into this subtree.
+            let next = getNextChildEl(node, forward);
+            // Traverse siblings, searching the subtree of each one
+            // for focusable elements.
+            while (next) {
+                const focusableEl = findFocusableElement(next, forward);
+                if (focusableEl)
+                    return focusableEl;
+                next = getNextSiblingEl(next, forward);
+            }
+        }
+    }
+    // If we’re walking backward, we want to check the node’s entire subtree
+    // before checking the node itself. If this node is focusable, return it.
+    if (!forward && isFocusable(node))
+        return node;
+    return null;
+}
+function getNextChildEl(node, forward) {
+    return forward ? node.firstElementChild : node.lastElementChild;
+}
+function getNextSiblingEl(el, forward) {
+    return forward ? el.nextElementSibling : el.previousElementSibling;
+}
 /**
- * Private event handler used when listening to some specific key presses
- * (namely ESCAPE and TAB)
- *
- * @access private
- * @param {Event} event
+ * Determine if an element is hidden from the user.
  */
-A11yDialog.prototype._bindKeypress = function (event) {
-  // This is an escape hatch in case there are nested dialogs, so the keypresses
-  // are only reacted to for the most recent one
-  const focused = document.activeElement;
-  if (focused && focused.closest('[aria-modal="true"]') !== this.$el) return
-
-  // If the dialog is shown and the ESCAPE key is being pressed, prevent any
-  // further effects from the ESCAPE key and hide the dialog, unless its role
-  // is 'alertdialog', which should be modal
-  if (
-    this.shown &&
-    event.key === ESCAPE_KEY &&
-    this.$el.getAttribute('role') !== 'alertdialog'
-  ) {
-    event.preventDefault();
-    this.hide(event);
-  }
-
-  // If the dialog is shown and the TAB key is being pressed, make sure the
-  // focus stays trapped within the dialog element
-  if (this.shown && event.key === TAB_KEY) {
-    trapTabKey(this.$el, event);
-  }
+const isHidden = (el) => {
+    // Browsers hide all non-<summary> descendants of closed <details> elements
+    // from user interaction, but those non-<summary> elements may still match our
+    // focusable-selectors and may still have dimensions, so we need a special
+    // case to ignore them.
+    if (el.matches('details:not([open]) *') &&
+        !el.matches('details>summary:first-of-type'))
+        return true;
+    // If this element has no painted dimensions, it's hidden.
+    return !(el.offsetWidth || el.offsetHeight || el.getClientRects().length);
 };
-
 /**
- * Private event handler used when making sure the focus stays within the
- * currently open dialog
- *
- * @access private
- * @param {Event} event
+ * Determine if an element is focusable and has user-visible painted dimensions.
  */
-A11yDialog.prototype._maintainFocus = function (event) {
-  // If the dialog is shown and the focus is not within a dialog element (either
-  // this one or another one in case of nested dialogs) or within an element
-  // with the `data-a11y-dialog-focus-trap-ignore` attribute, move it back to
-  // its first focusable child.
-  // See: https://github.com/KittyGiraudel/a11y-dialog/issues/177
-  if (
-    this.shown &&
-    !event.target.closest('[aria-modal="true"]') &&
-    !event.target.closest('[data-a11y-dialog-ignore-focus-trap]')
-  ) {
-    moveFocusToDialog(this.$el);
-  }
+const isFocusable = (el) => {
+    // A shadow host that delegates focus will never directly receive focus,
+    // even with `tabindex=0`. Consider our <fancy-button> custom element, which
+    // delegates focus to its shadow button:
+    //
+    // <fancy-button tabindex="0">
+    //  #shadow-root
+    //  <button><slot></slot></button>
+    // </fancy-button>
+    //
+    // The browser acts as as if there is only one focusable element – the shadow
+    // button. Our library should behave the same way.
+    if (el.shadowRoot?.delegatesFocus)
+        return false;
+    return el.matches(focusableSelectors.join(',')) && !isHidden(el);
 };
-
-/**
- * Convert a NodeList into an array
- *
- * @param {NodeList} collection
- * @return {Array<Element>}
- */
-function toArray(collection) {
-  return Array.prototype.slice.call(collection)
-}
-
 /**
- * Query the DOM for nodes matching the given selector, scoped to context (or
- * the whole document)
- *
- * @param {String} selector
- * @param {Element} [context = document]
- * @return {Array<Element>}
+ * Determine if an element can have focusable children. Useful for bailing out
+ * early when walking the DOM tree.
+ * @example
+ * This div is inert, so none of its children can be focused, even though they
+ * meet our criteria for what is focusable. Once we check the div, we can skip
+ * the rest of the subtree.
+ * ```html
+ * <div inert>
+ *   <button>Button</button>
+ *   <a href="#">Link</a>
+ * </div>
+ * ```
  */
-function $$(selector, context) {
-  return toArray((context || document).querySelectorAll(selector))
+function canHaveFocusableChildren(el) {
+    // The browser will never send focus into a Shadow DOM if the host element
+    // has a negative tabindex. This applies to both slotted Light DOM Shadow DOM
+    // children
+    if (el.shadowRoot && el.getAttribute('tabindex') === '-1')
+        return false;
+    // Elemments matching this selector are either hidden entirely from the user,
+    // or are visible but unavailable for interaction. Their descentants can never
+    // receive focus.
+    return !el.matches(':disabled,[hidden],[inert]');
 }
-
 /**
- * Set the focus to the first element with `autofocus` with the element or the
- * element itself
- *
- * @param {Element} node
+ * Get the active element, accounting for Shadow DOM subtrees.
+ * @author Cory LaViska
+ * @see: https://www.abeautifulsite.net/posts/finding-the-active-element-in-a-shadow-root/
  */
-function moveFocusToDialog(node) {
-  var focused = node.querySelector('[autofocus]') || node;
-
-  focused.focus();
-}
-
-/**
- * Get the focusable children of the given element
- *
- * @param {Element} node
- * @return {Array<Element>}
- */
-function getFocusableChildren(node) {
-  return $$(focusableSelectors.join(','), node).filter(function (child) {
-    return !!(
-      child.offsetWidth ||
-      child.offsetHeight ||
-      child.getClientRects().length
-    )
-  })
+function getActiveElement(root = document) {
+    const activeEl = root.activeElement;
+    if (!activeEl)
+        return null;
+    // If there’s a shadow root, recursively find the active element within it.
+    // If the recursive call returns null, return the active element
+    // of the top-level Document.
+    if (activeEl.shadowRoot)
+        return getActiveElement(activeEl.shadowRoot) || document.activeElement;
+    // If not, we can just return the active element
+    return activeEl;
 }
-
 /**
  * Trap the focus inside the given element
- *
- * @param {Element} node
- * @param {Event} event
  */
-function trapTabKey(node, event) {
-  var focusableChildren = getFocusableChildren(node);
-  var focusedItemIndex = focusableChildren.indexOf(document.activeElement);
+function trapTabKey(el, event) {
+    const [firstFocusableChild, lastFocusableChild] = getFocusableEdges(el);
+    // If there are no focusable children in the dialog, prevent the user from
+    // tabbing out of it
+    if (!firstFocusableChild)
+        return event.preventDefault();
+    const activeElement = getActiveElement();
+    // If the SHIFT key is pressed while tabbing (moving backwards) and the
+    // currently focused item is the first one, move the focus to the last
+    // focusable item from the dialog element
+    if (event.shiftKey && activeElement === firstFocusableChild) {
+        // @ts-ignore: we know that `lastFocusableChild` is not null here
+        lastFocusableChild.focus();
+        event.preventDefault();
+    }
+    // If the SHIFT key is not pressed (moving forwards) and the currently focused
+    // item is the last one, move the focus to the first focusable item from the
+    // dialog element
+    else if (!event.shiftKey && activeElement === lastFocusableChild) {
+        firstFocusableChild.focus();
+        event.preventDefault();
+    }
+}
 
-  // If the SHIFT key is being pressed while tabbing (moving backwards) and
-  // the currently focused item is the first one, move the focus to the last
-  // focusable item from the dialog element
-  if (event.shiftKey && focusedItemIndex === 0) {
-    focusableChildren[focusableChildren.length - 1].focus();
-    event.preventDefault();
-    // If the SHIFT key is not being pressed (moving forwards) and the currently
-    // focused item is the last one, move the focus to the first focusable item
-    // from the dialog element
-  } else if (
-    !event.shiftKey &&
-    focusedItemIndex === focusableChildren.length - 1
-  ) {
-    focusableChildren[0].focus();
-    event.preventDefault();
-  }
+class A11yDialog {
+    $el;
+    id;
+    previouslyFocused;
+    shown;
+    constructor(element) {
+        this.$el = element;
+        this.id = this.$el.getAttribute('data-a11y-dialog') || this.$el.id;
+        this.previouslyFocused = null;
+        this.shown = false;
+        this.maintainFocus = this.maintainFocus.bind(this);
+        this.bindKeypress = this.bindKeypress.bind(this);
+        this.handleTriggerClicks = this.handleTriggerClicks.bind(this);
+        this.show = this.show.bind(this);
+        this.hide = this.hide.bind(this);
+        this.$el.setAttribute('aria-hidden', 'true');
+        this.$el.setAttribute('aria-modal', 'true');
+        this.$el.setAttribute('tabindex', '-1');
+        if (!this.$el.hasAttribute('role')) {
+            this.$el.setAttribute('role', 'dialog');
+        }
+        document.addEventListener('click', this.handleTriggerClicks, true);
+    }
+    /**
+     * Destroy the current instance (after making sure the dialog has been hidden)
+     * and remove all associated listeners from dialog openers and closers
+     */
+    destroy() {
+        // Hide the dialog to avoid destroying an open instance
+        this.hide();
+        // Remove the click event delegates for our openers and closers
+        document.removeEventListener('click', this.handleTriggerClicks, true);
+        // Clone and replace the dialog element to prevent memory leaks caused by
+        // event listeners that the author might not have cleaned up.
+        this.$el.replaceWith(this.$el.cloneNode(true));
+        // Dispatch a `destroy` event
+        this.fire('destroy');
+        return this;
+    }
+    /**
+     * Show the dialog element, trap the current focus within it, listen for some
+     * specific key presses and fire all registered callbacks for `show` event
+     */
+    show(event) {
+        // If the dialog is already open, abort
+        if (this.shown)
+            return this;
+        // Keep a reference to the currently focused element to be able to restore
+        // it later
+        this.shown = true;
+        this.$el.removeAttribute('aria-hidden');
+        this.previouslyFocused = getActiveElement();
+        // Due to a long lasting bug in Safari, clicking an interactive element
+        // (like a <button>) does *not* move the focus to that element, which means
+        // `document.activeElement` is whatever element is currently focused (like
+        // an <input>), or the <body> element otherwise. We can work around that
+        // problem by checking whether the focused element is the <body>, and if it,
+        // store the click event target.
+        // See: https://bugs.webkit.org/show_bug.cgi?id=22261
+        if (this.previouslyFocused?.tagName === 'BODY' && event?.target) {
+            this.previouslyFocused = event.target;
+        }
+        // Set the focus to the dialog element
+        // See: https://github.com/KittyGiraudel/a11y-dialog/pull/583
+        if (event?.type === 'focus') {
+            this.maintainFocus(event);
+        }
+        else {
+            moveFocusToDialog(this.$el);
+        }
+        // Bind a focus event listener to the body element to make sure the focus
+        // stays trapped inside the dialog while open, and start listening for some
+        // specific key presses (TAB and ESC)
+        document.body.addEventListener('focus', this.maintainFocus, true);
+        this.$el.addEventListener('keydown', this.bindKeypress, true);
+        // Dispatch a `show` event
+        this.fire('show', event);
+        return this;
+    }
+    /**
+     * Hide the dialog element, restore the focus to the previously active
+     * element, stop listening for some specific key presses and fire all
+     * registered callbacks for `hide` event
+     */
+    hide(event) {
+        // If the dialog is already closed, abort
+        if (!this.shown)
+            return this;
+        this.shown = false;
+        this.$el.setAttribute('aria-hidden', 'true');
+        this.previouslyFocused?.focus?.();
+        // Remove the focus event listener to the body element and stop listening
+        // for specific key presses
+        document.body.removeEventListener('focus', this.maintainFocus, true);
+        this.$el.removeEventListener('keydown', this.bindKeypress, true);
+        // Dispatch a `hide` event
+        this.fire('hide', event);
+        return this;
+    }
+    /**
+     * Register a new callback for the given event type
+     */
+    on(type, handler, options) {
+        this.$el.addEventListener(type, handler, options);
+        return this;
+    }
+    /**
+     * Unregister an existing callback for the given event type
+     */
+    off(type, handler, options) {
+        this.$el.removeEventListener(type, handler, options);
+        return this;
+    }
+    /**
+     * Dispatch a custom event from the DOM element associated with this dialog.
+     * This allows authors to listen for and respond to the events in their own
+     * code
+     */
+    fire(type, event) {
+        this.$el.dispatchEvent(new CustomEvent(type, {
+            detail: event,
+            cancelable: true,
+        }));
+    }
+    /**
+     * Add a delegated event listener for when elememts that open or close the
+     * dialog are clicked, and call `show` or `hide`, respectively
+     */
+    handleTriggerClicks(event) {
+        const target = event.target;
+        // We use `.closest(..)` and not `.matches(..)` here so that clicking
+        // an element nested within a dialog opener does cause the dialog to open
+        if (target.closest(`[data-a11y-dialog-show="${this.id}"]`)) {
+            this.show(event);
+        }
+        if (target.closest(`[data-a11y-dialog-hide="${this.id}"]`) ||
+            (target.closest('[data-a11y-dialog-hide]') &&
+                target.closest('[aria-modal="true"]') === this.$el)) {
+            this.hide(event);
+        }
+    }
+    /**
+     * Private event handler used when listening to some specific key presses
+     * (namely ESC and TAB)
+     */
+    bindKeypress(event) {
+        // This is an escape hatch in case there are nested open dialogs, so that
+        // only the top most dialog gets interacted with
+        if (document.activeElement?.closest('[aria-modal="true"]') !== this.$el) {
+            return;
+        }
+        let hasOpenPopover = false;
+        try {
+            hasOpenPopover = !!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open');
+        }
+        catch {
+            // Run that DOM query in a try/catch because not all browsers support the
+            // `:popover-open` selector, which would cause the whole expression to
+            // fail
+            // See: https://caniuse.com/mdn-css_selectors_popover-open
+            // See: https://github.com/KittyGiraudel/a11y-dialog/pull/578#discussion_r1343215149
+        }
+        // If the dialog is shown and the ESC key is pressed, prevent any further
+        // effects from the ESC key and hide the dialog, unless:
+        // - its role is `alertdialog`, which means it should be modal
+        // - or it contains an open popover, in which case ESC should close it
+        if (event.key === 'Escape' &&
+            this.$el.getAttribute('role') !== 'alertdialog' &&
+            !hasOpenPopover) {
+            event.preventDefault();
+            this.hide(event);
+        }
+        // If the dialog is shown and the TAB key is pressed, make sure the focus
+        // stays trapped within the dialog element
+        if (event.key === 'Tab') {
+            trapTabKey(this.$el, event);
+        }
+    }
+    /**
+     * If the dialog is shown and the focus is not within a dialog element (either
+     * this one or another one in case of nested dialogs) or attribute, move it
+     * back to the dialog container
+     * See: https://github.com/KittyGiraudel/a11y-dialog/issues/177
+     */
+    maintainFocus(event) {
+        const target = event.target;
+        if (!target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')) {
+            moveFocusToDialog(this.$el);
+        }
+    }
 }
 
 function instantiateDialogs() {
-  $$('[data-a11y-dialog]').forEach(function (node) {
-    new A11yDialog(node);
-  });
+    for (const el of document.querySelectorAll('[data-a11y-dialog]')) {
+        new A11yDialog(el);
+    }
 }
-
 if (typeof document !== 'undefined') {
-  if (document.readyState === 'loading') {
-    document.addEventListener('DOMContentLoaded', instantiateDialogs);
-  } else {
-    if (window.requestAnimationFrame) {
-      window.requestAnimationFrame(instantiateDialogs);
-    } else {
-      window.setTimeout(instantiateDialogs, 16);
+    if (document.readyState === 'loading') {
+        document.addEventListener('DOMContentLoaded', instantiateDialogs);
+    }
+    else {
+        instantiateDialogs();
     }
-  }
 }
 
 var CONTAINER_ID = "__authsignal-popup-container";
@@ -1129,16 +1205,16 @@ var DEFAULT_WIDTH = "385px";
 var INITIAL_HEIGHT = "384px";
 var PopupHandler = /** @class */ (function () {
     function PopupHandler(_a) {
-        var width = _a.width;
+        var width = _a.width, isClosable = _a.isClosable;
         this.popup = null;
         if (document.querySelector("#".concat(CONTAINER_ID))) {
             throw new Error("Multiple instances of Authsignal popup is not supported.");
         }
-        this.create({ width: width });
+        this.create({ width: width, isClosable: isClosable });
     }
     PopupHandler.prototype.create = function (_a) {
         var _this = this;
-        var _b = _a.width, width = _b === void 0 ? DEFAULT_WIDTH : _b;
+        var _b = _a.width, width = _b === void 0 ? DEFAULT_WIDTH : _b, _c = _a.isClosable, isClosable = _c === void 0 ? true : _c;
         var isWidthValidCSSValue = CSS.supports("width", width);
         var popupWidth = width;
         if (!isWidthValidCSSValue) {
@@ -1149,10 +1225,15 @@ var PopupHandler = /** @class */ (function () {
         var container = document.createElement("div");
         container.setAttribute("id", CONTAINER_ID);
         container.setAttribute("aria-hidden", "true");
+        if (!isClosable) {
+            container.setAttribute("role", "alertdialog");
+        }
         // Create dialog overlay
         var overlay = document.createElement("div");
         overlay.setAttribute("id", OVERLAY_ID);
-        overlay.setAttribute("data-a11y-dialog-hide", "true");
+        if (isClosable) {
+            overlay.setAttribute("data-a11y-dialog-hide", "true");
+        }
         // Create dialog content
         var content = document.createElement("div");
         content.setAttribute("id", CONTENT_ID);
@@ -1206,11 +1287,11 @@ var PopupHandler = /** @class */ (function () {
         }
         this.popup.hide();
     };
-    PopupHandler.prototype.on = function (event, handler) {
+    PopupHandler.prototype.on = function (event, listener) {
         if (!this.popup) {
             throw new Error("Popup is not initialized");
         }
-        this.popup.on(event, handler);
+        this.popup.on(event, listener);
     };
     return PopupHandler;
 }());
@@ -1305,7 +1386,7 @@ var Authsignal = /** @class */ (function () {
     Authsignal.prototype.launchWithPopup = function (url, options) {
         var _this = this;
         var popupOptions = options.popupOptions;
-        var popupHandler = new PopupHandler({ width: popupOptions === null || popupOptions === void 0 ? void 0 : popupOptions.width });
+        var popupHandler = new PopupHandler({ width: popupOptions === null || popupOptions === void 0 ? void 0 : popupOptions.width, isClosable: popupOptions === null || popupOptions === void 0 ? void 0 : popupOptions.isClosable });
         var popupUrl = "".concat(url, "&mode=popup");
         popupHandler.show({ url: popupUrl });
         return new Promise(function (resolve) {

package/dist/index.min.js

@@ -1 +1 @@
-var authsignal=function(t){"use strict";let e;const n=new Uint8Array(16);function o(){if(!e&&(e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!e))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(n)}const i=[];for(let t=0;t<256;++t)i.push((t+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(t,e,n){if(r.randomUUID&&!e&&!t)return r.randomUUID();const a=(t=t||{}).random||(t.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,e){n=n||0;for(let t=0;t<16;++t)e[n+t]=a[t];return e}return function(t,e=0){return(i[t[e+0]]+i[t[e+1]]+i[t[e+2]]+i[t[e+3]]+"-"+i[t[e+4]]+i[t[e+5]]+"-"+i[t[e+6]]+i[t[e+7]]+"-"+i[t[e+8]]+i[t[e+9]]+"-"+i[t[e+10]]+i[t[e+11]]+i[t[e+12]]+i[t[e+13]]+i[t[e+14]]+i[t[e+15]]).toLowerCase()}(a)}var s=function(t){var e=t.name,n=t.value,o=t.expire,i=t.domain,r=t.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(e)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")};function c(t,e){var n={};for(var o in t)Object.prototype.hasOwnProperty.call(t,o)&&e.indexOf(o)<0&&(n[o]=t[o]);if(null!=t&&"function"==typeof Object.getOwnPropertySymbols){var i=0;for(o=Object.getOwnPropertySymbols(t);i<o.length;i++)e.indexOf(o[i])<0&&Object.prototype.propertyIsEnumerable.call(t,o[i])&&(n[o[i]]=t[o[i]])}return n}function u(t,e,n,o){return new(n||(n=Promise))((function(i,r){function a(t){try{c(o.next(t))}catch(t){r(t)}}function s(t){try{c(o.throw(t))}catch(t){r(t)}}function c(t){var e;t.done?i(t.value):(e=t.value,e instanceof n?e:new n((function(t){t(e)}))).then(a,s)}c((o=o.apply(t,e||[])).next())}))}function d(t,e){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=e.call(t,a)}catch(t){r=[6,t],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function l(t){const e=new Uint8Array(t);let n="";for(const t of e)n+=String.fromCharCode(t);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function h(t){const e=t.replace(/-/g,"+").replace(/_/g,"/"),n=(4-e.length%4)%4,o=e.padEnd(e.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let t=0;t<i.length;t++)a[t]=i.charCodeAt(t);return r}function p(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function f(t){const{id:e}=t;return{...t,id:h(e),transports:t.transports}}function w(t){return"localhost"===t||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(t)}t.AuthsignalWindowMessage=void 0,(t.AuthsignalWindowMessage||(t.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class m extends Error{constructor({message:t,code:e,cause:n,name:o}){super(t,{cause:n}),this.name=o??n.name,this.code=e}}const y=new class{createNewAbortSignal(){if(this.controller){const t=new Error("Cancelling existing WebAuthn API call for new one");t.name="AbortError",this.controller.abort(t)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}},b=["cross-platform","platform"];function g(t){if(t&&!(b.indexOf(t)<0))return t}async function v(t){if(!p())throw new Error("WebAuthn is not supported in this browser");var e;const n={publicKey:{...t,challenge:h(t.challenge),user:{...t.user,id:(e=t.user.id,(new TextEncoder).encode(e))},excludeCredentials:t.excludeCredentials?.map(f)}};let o;n.signal=y.createNewAbortSignal();try{o=await navigator.credentials.create(n)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new m({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else if("ConstraintError"===t.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new m({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:t});if("required"===n.authenticatorSelection?.userVerification)return new m({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:t})}else{if("InvalidStateError"===t.name)return new m({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:t});if("NotAllowedError"===t.name)return new m({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("NotSupportedError"===t.name)return 0===n.pubKeyCredParams.filter((t=>"public-key"===t.type)).length?new m({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:t}):new m({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!w(e))return new m({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rp.id!==e)return new m({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("TypeError"===t.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new m({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:t})}else if("UnknownError"===t.name)return new m({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:n})}if(!o)throw new Error("Registration was not completed");const{id:i,rawId:r,response:a,type:s}=o;let c,u,d,b;if("function"==typeof a.getTransports&&(c=a.getTransports()),"function"==typeof a.getPublicKeyAlgorithm)try{u=a.getPublicKeyAlgorithm()}catch(t){_("getPublicKeyAlgorithm()",t)}if("function"==typeof a.getPublicKey)try{const t=a.getPublicKey();null!==t&&(d=l(t))}catch(t){_("getPublicKey()",t)}if("function"==typeof a.getAuthenticatorData)try{b=l(a.getAuthenticatorData())}catch(t){_("getAuthenticatorData()",t)}return{id:i,rawId:l(r),response:{attestationObject:l(a.attestationObject),clientDataJSON:l(a.clientDataJSON),transports:c,publicKeyAlgorithm:u,publicKey:d,authenticatorData:b},type:s,clientExtensionResults:o.getClientExtensionResults(),authenticatorAttachment:g(o.authenticatorAttachment)}}function _(t,e){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${t}. You should report this error to them.\n`,e)}async function E(t,e=!1){if(!p())throw new Error("WebAuthn is not supported in this browser");let n;0!==t.allowCredentials?.length&&(n=t.allowCredentials?.map(f));const o={...t,challenge:h(t.challenge),allowCredentials:n},i={};if(e){if(!await function(){const t=window.PublicKeyCredential;return void 0===t.isConditionalMediationAvailable?new Promise((t=>t(!1))):t.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=y.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new m({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new m({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!w(e))return new m({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==e)return new m({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new m({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let d;var b;return c.userHandle&&(b=c.userHandle,d=new TextDecoder("utf-8").decode(b)),{id:a,rawId:l(s),response:{authenticatorData:l(c.authenticatorData),clientDataJSON:l(c.clientDataJSON),signature:l(c.signature),userHandle:d},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:g(r.authenticatorAttachment)}}var A=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.registrationOptions=function(t){var e=t.token,n=t.userName;return u(this,void 0,void 0,(function(){return d(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify({username:n})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.authenticationOptions=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return d(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify({})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.addAuthenticator=function(t){var e=t.token,n=c(t,["token"]);return u(this,void 0,void 0,(function(){return d(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(n)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=c(t,["token"]);return u(this,void 0,void 0,(function(){return d(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(n)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.buildHeaders=function(t){return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},t}(),R=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.api=new A({baseUrl:e,tenantId:n})}return t.prototype.signUp=function(t){var e=t.userName,n=t.token;return u(this,void 0,void 0,(function(){var t,o,i;return d(this,(function(r){switch(r.label){case 0:return[4,this.api.registrationOptions({userName:e,token:n})];case 1:return[4,v((t=r.sent()).options)];case 2:return o=r.sent(),[4,this.api.addAuthenticator({challengeId:t.challengeId,registrationCredential:o,token:n})];case 3:return[2,null==(i=r.sent())?void 0:i.accessToken]}}))}))},t.prototype.signIn=function(t){return u(this,void 0,void 0,(function(){var e,n,o;return d(this,(function(i){switch(i.label){case 0:if((null==t?void 0:t.token)&&t.autofill)throw new Error("Autofill is not supported when providing a token");return[4,this.api.authenticationOptions({token:null==t?void 0:t.token})];case 1:return[4,E((e=i.sent()).options,null==t?void 0:t.autofill)];case 2:return n=i.sent(),[4,this.api.verify({challengeId:e.challengeId,authenticationCredential:n,token:null==t?void 0:t.token})];case 3:return[2,null==(o=i.sent())?void 0:o.accessToken]}}))}))},t}(),O=function(){function t(){this.windowRef=null}return t.prototype.show=function(t){var e=t.url,n=t.width,o=void 0===n?400:n,i=t.height,r=function(t){var e=t.url,n=t.width,o=t.height,i=t.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(e,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:e,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},t.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},t}();var I=['a[href]:not([tabindex^="-"])','area[href]:not([tabindex^="-"])','input:not([type="hidden"]):not([type="radio"]):not([disabled]):not([tabindex^="-"])','input[type="radio"]:not([disabled]):not([tabindex^="-"])','select:not([disabled]):not([tabindex^="-"])','textarea:not([disabled]):not([tabindex^="-"])','button:not([disabled]):not([tabindex^="-"])','iframe:not([tabindex^="-"])','audio[controls]:not([tabindex^="-"])','video[controls]:not([tabindex^="-"])','[contenteditable]:not([tabindex^="-"])','[tabindex]:not([tabindex^="-"])'];function S(t){this._show=this.show.bind(this),this._hide=this.hide.bind(this),this._maintainFocus=this._maintainFocus.bind(this),this._bindKeypress=this._bindKeypress.bind(this),this.$el=t,this.shown=!1,this._id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this._previouslyFocused=null,this._listeners={},this.create()}function C(t,e){return n=(e||document).querySelectorAll(t),Array.prototype.slice.call(n);var n}function P(t){(t.querySelector("[autofocus]")||t).focus()}function k(){C("[data-a11y-dialog]").forEach((function(t){new S(t)}))}S.prototype.create=function(){this.$el.setAttribute("aria-hidden",!0),this.$el.setAttribute("aria-modal",!0),this.$el.setAttribute("tabindex",-1),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),this._openers=C('[data-a11y-dialog-show="'+this._id+'"]'),this._openers.forEach(function(t){t.addEventListener("click",this._show)}.bind(this));const t=this.$el;return this._closers=C("[data-a11y-dialog-hide]",this.$el).filter((function(e){return e.closest('[aria-modal="true"], [data-a11y-dialog]')===t})).concat(C('[data-a11y-dialog-hide="'+this._id+'"]')),this._closers.forEach(function(t){t.addEventListener("click",this._hide)}.bind(this)),this._fire("create"),this},S.prototype.show=function(t){return this.shown||(this._previouslyFocused=document.activeElement,this.$el.removeAttribute("aria-hidden"),this.shown=!0,P(this.$el),document.body.addEventListener("focus",this._maintainFocus,!0),document.addEventListener("keydown",this._bindKeypress),this._fire("show",t)),this},S.prototype.hide=function(t){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this._previouslyFocused&&this._previouslyFocused.focus&&this._previouslyFocused.focus(),document.body.removeEventListener("focus",this._maintainFocus,!0),document.removeEventListener("keydown",this._bindKeypress),this._fire("hide",t),this):this},S.prototype.destroy=function(){return this.hide(),this._openers.forEach(function(t){t.removeEventListener("click",this._show)}.bind(this)),this._closers.forEach(function(t){t.removeEventListener("click",this._hide)}.bind(this)),this._fire("destroy"),this._listeners={},this},S.prototype.on=function(t,e){return void 0===this._listeners[t]&&(this._listeners[t]=[]),this._listeners[t].push(e),this},S.prototype.off=function(t,e){var n=(this._listeners[t]||[]).indexOf(e);return n>-1&&this._listeners[t].splice(n,1),this},S.prototype._fire=function(t,e){var n=this._listeners[t]||[],o=new CustomEvent(t,{detail:e});this.$el.dispatchEvent(o),n.forEach(function(t){t(this.$el,e)}.bind(this))},S.prototype._bindKeypress=function(t){const e=document.activeElement;e&&e.closest('[aria-modal="true"]')!==this.$el||(this.shown&&"Escape"===t.key&&"alertdialog"!==this.$el.getAttribute("role")&&(t.preventDefault(),this.hide(t)),this.shown&&"Tab"===t.key&&function(t,e){var n=function(t){return C(I.join(","),t).filter((function(t){return!!(t.offsetWidth||t.offsetHeight||t.getClientRects().length)}))}(t),o=n.indexOf(document.activeElement);e.shiftKey&&0===o?(n[n.length-1].focus(),e.preventDefault()):e.shiftKey||o!==n.length-1||(n[0].focus(),e.preventDefault())}(this.$el,t))},S.prototype._maintainFocus=function(t){!this.shown||t.target.closest('[aria-modal="true"]')||t.target.closest("[data-a11y-dialog-ignore-focus-trap]")||P(this.$el)},"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",k):window.requestAnimationFrame?window.requestAnimationFrame(k):window.setTimeout(k,16));var x="__authsignal-popup-container",U="__authsignal-popup-content",T="__authsignal-popup-overlay",N="__authsignal-popup-style",D="__authsignal-popup-iframe",L="385px",K=function(){function t(t){var e=t.width;if(this.popup=null,document.querySelector("#".concat(x)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:e})}return t.prototype.create=function(t){var e=this,n=t.width,o=void 0===n?L:n,i=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),i=L);var r=document.createElement("div");r.setAttribute("id",x),r.setAttribute("aria-hidden","true");var a=document.createElement("div");a.setAttribute("id",T),a.setAttribute("data-a11y-dialog-hide","true");var s=document.createElement("div");s.setAttribute("id",U),document.body.appendChild(r);var c=document.createElement("style");c.setAttribute("id",N),c.textContent="\n      #".concat(x,",\n      #").concat(T," {\n        position: fixed;\n        top: 0;\n        right: 0;\n        bottom: 0;\n        left: 0;\n      }\n\n      #").concat(x," {\n        z-index: 2147483647;\n        display: flex;\n      }\n\n      #").concat(x,"[aria-hidden='true'] {\n        display: none;\n      }\n\n      #").concat(T," {\n        background-color: rgba(0, 0, 0, 0.18);\n      }\n\n      #").concat(U," {\n        margin: auto;\n        z-index: 2147483647;\n        position: relative;\n        background-color: transparent;\n        border-radius: 8px;\n        width: ").concat(i,";\n      }\n\n      #").concat(U," iframe {\n        width: 1px;\n        min-width: 100%;\n        border-radius: inherit;\n        max-height: 95vh;\n        height: ").concat("384px",";\n      }\n    "),document.head.insertAdjacentElement("beforeend",c),r.appendChild(a),r.appendChild(s),this.popup=new S(r),this.popup.on("hide",(function(){e.destroy()}))},t.prototype.destroy=function(){var t=document.querySelector("#".concat(x)),e=document.querySelector("#".concat(N));t&&e&&(document.body.removeChild(t),document.head.removeChild(e)),window.removeEventListener("message",$)},t.prototype.show=function(t){var e,n=t.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",D),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(U));i&&i.appendChild(o),window.addEventListener("message",$),null===(e=this.popup)||void 0===e||e.show()},t.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},t.prototype.on=function(t,e){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(t,e)},t}();function $(t){var e=document.querySelector("#".concat(D));e&&t.data.height&&(e.style.height=t.data.height+"px")}var H="4a08uqve",W=function(){function e(t){var e=t.cookieDomain,n=t.cookieName,o=void 0===n?"__as_aid":n,i=t.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=t.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this._token=void 0,this.cookieDomain=e||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");this.passkey=new R({tenantId:c,baseUrl:r});var u,d=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;d?this.anonymousId=d:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol}))}return e.prototype.launch=function(t,e){switch(null==e?void 0:e.mode){case"window":return this.launchWithWindow(t,e);case"popup":return this.launchWithPopup(t,e);default:this.launchWithRedirect(t)}},e.prototype.initAdvancedProfiling=function(t){var e=a();this.profilingId=e,s({name:"__as_pid",value:e,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=t?"".concat(t,"/fp/tags.js?org_id=").concat(H,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(H,"&session_id=").concat(e),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=t?"".concat(t,"/fp/tags?org_id=").concat(H,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags?org_id=".concat(H,"&session_id=").concat(e);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},e.prototype.launchWithRedirect=function(t){window.location.href=t},e.prototype.launchWithPopup=function(e,n){var o=this,i=n.popupOptions,r=new K({width:null==i?void 0:i.width}),a="".concat(e,"&mode=popup");return r.show({url:a}),new Promise((function(e){r.on("hide",(function(){e({token:o._token})})),window.addEventListener("message",(function(e){var n=null;try{n=JSON.parse(e.data)}catch(t){}(null==n?void 0:n.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(o._token=n.token,r.close())}),!1)}))},e.prototype.launchWithWindow=function(e,n){var o=this,i=n.windowOptions,r=new O,a="".concat(e,"&mode=popup");return r.show({url:a,width:null==i?void 0:i.width,height:null==i?void 0:i.height}),new Promise((function(e){window.addEventListener("message",(function(n){var i=null;try{i=JSON.parse(n.data)}catch(t){}(null==i?void 0:i.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(o._token=i.token,r.close(),e({token:o._token}))}),!1)}))},e}();return t.Authsignal=W,Object.defineProperty(t,"__esModule",{value:!0}),t}({});
+var authsignal=function(t){"use strict";let e;const n=new Uint8Array(16);function o(){if(!e&&(e="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto),!e))throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");return e(n)}const i=[];for(let t=0;t<256;++t)i.push((t+256).toString(16).slice(1));var r={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function a(t,e,n){if(r.randomUUID&&!e&&!t)return r.randomUUID();const a=(t=t||{}).random||(t.rng||o)();if(a[6]=15&a[6]|64,a[8]=63&a[8]|128,e){n=n||0;for(let t=0;t<16;++t)e[n+t]=a[t];return e}return function(t,e=0){return(i[t[e+0]]+i[t[e+1]]+i[t[e+2]]+i[t[e+3]]+"-"+i[t[e+4]]+i[t[e+5]]+"-"+i[t[e+6]]+i[t[e+7]]+"-"+i[t[e+8]]+i[t[e+9]]+"-"+i[t[e+10]]+i[t[e+11]]+i[t[e+12]]+i[t[e+13]]+i[t[e+14]]+i[t[e+15]]).toLowerCase()}(a)}var s=function(t){var e=t.name,n=t.value,o=t.expire,i=t.domain,r=t.secure,a=o===1/0?" expires=Fri, 31 Dec 9999 23:59:59 GMT":"; max-age="+o;document.cookie=encodeURIComponent(e)+"="+n+"; path=/;"+a+(i?"; domain="+i:"")+(r?"; secure":"")};function c(t,e){var n={};for(var o in t)Object.prototype.hasOwnProperty.call(t,o)&&e.indexOf(o)<0&&(n[o]=t[o]);if(null!=t&&"function"==typeof Object.getOwnPropertySymbols){var i=0;for(o=Object.getOwnPropertySymbols(t);i<o.length;i++)e.indexOf(o[i])<0&&Object.prototype.propertyIsEnumerable.call(t,o[i])&&(n[o[i]]=t[o[i]])}return n}function u(t,e,n,o){return new(n||(n=Promise))((function(i,r){function a(t){try{c(o.next(t))}catch(t){r(t)}}function s(t){try{c(o.throw(t))}catch(t){r(t)}}function c(t){var e;t.done?i(t.value):(e=t.value,e instanceof n?e:new n((function(t){t(e)}))).then(a,s)}c((o=o.apply(t,e||[])).next())}))}function l(t,e){var n,o,i,r,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return r={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(r[Symbol.iterator]=function(){return this}),r;function s(r){return function(s){return function(r){if(n)throw new TypeError("Generator is already executing.");for(;a;)try{if(n=1,o&&(i=2&r[0]?o.return:r[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,r[1])).done)return i;switch(o=0,i&&(r=[2&r[0],i.value]),r[0]){case 0:case 1:i=r;break;case 4:return a.label++,{value:r[1],done:!1};case 5:a.label++,o=r[1],r=[0];continue;case 7:r=a.ops.pop(),a.trys.pop();continue;default:if(!(i=a.trys,(i=i.length>0&&i[i.length-1])||6!==r[0]&&2!==r[0])){a=0;continue}if(3===r[0]&&(!i||r[1]>i[0]&&r[1]<i[3])){a.label=r[1];break}if(6===r[0]&&a.label<i[1]){a.label=i[1],i=r;break}if(i&&a.label<i[2]){a.label=i[2],a.ops.push(r);break}i[2]&&a.ops.pop(),a.trys.pop();continue}r=e.call(t,a)}catch(t){r=[6,t],o=0}finally{n=i=0}if(5&r[0])throw r[1];return{value:r[0]?r[1]:void 0,done:!0}}([r,s])}}}function d(t){const e=new Uint8Array(t);let n="";for(const t of e)n+=String.fromCharCode(t);return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function h(t){const e=t.replace(/-/g,"+").replace(/_/g,"/"),n=(4-e.length%4)%4,o=e.padEnd(e.length+n,"="),i=atob(o),r=new ArrayBuffer(i.length),a=new Uint8Array(r);for(let t=0;t<i.length;t++)a[t]=i.charCodeAt(t);return r}function p(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function f(t){const{id:e}=t;return{...t,id:h(e),transports:t.transports}}function m(t){return"localhost"===t||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(t)}t.AuthsignalWindowMessage=void 0,(t.AuthsignalWindowMessage||(t.AuthsignalWindowMessage={})).AUTHSIGNAL_CLOSE_POPUP="AUTHSIGNAL_CLOSE_POPUP";class w extends Error{constructor({message:t,code:e,cause:n,name:o}){super(t,{cause:n}),this.name=o??n.name,this.code=e}}const y=new class{createNewAbortSignal(){if(this.controller){const t=new Error("Cancelling existing WebAuthn API call for new one");t.name="AbortError",this.controller.abort(t)}const t=new AbortController;return this.controller=t,t.signal}cancelCeremony(){if(this.controller){const t=new Error("Manually cancelling existing WebAuthn API call");t.name="AbortError",this.controller.abort(t),this.controller=void 0}}},g=["cross-platform","platform"];function b(t){if(t&&!(g.indexOf(t)<0))return t}async function v(t){if(!p())throw new Error("WebAuthn is not supported in this browser");var e;const n={publicKey:{...t,challenge:h(t.challenge),user:{...t.user,id:(e=t.user.id,(new TextEncoder).encode(e))},excludeCredentials:t.excludeCredentials?.map(f)}};let o;n.signal=y.createNewAbortSignal();try{o=await navigator.credentials.create(n)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new w({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else if("ConstraintError"===t.name){if(!0===n.authenticatorSelection?.requireResidentKey)return new w({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:t});if("required"===n.authenticatorSelection?.userVerification)return new w({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:t})}else{if("InvalidStateError"===t.name)return new w({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:t});if("NotAllowedError"===t.name)return new w({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("NotSupportedError"===t.name)return 0===n.pubKeyCredParams.filter((t=>"public-key"===t.type)).length?new w({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:t}):new w({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rp.id!==e)return new w({message:`The RP ID "${n.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("TypeError"===t.name){if(n.user.id.byteLength<1||n.user.id.byteLength>64)return new w({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:t})}else if("UnknownError"===t.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:n})}if(!o)throw new Error("Registration was not completed");const{id:i,rawId:r,response:a,type:s}=o;let c,u,l,g;if("function"==typeof a.getTransports&&(c=a.getTransports()),"function"==typeof a.getPublicKeyAlgorithm)try{u=a.getPublicKeyAlgorithm()}catch(t){E("getPublicKeyAlgorithm()",t)}if("function"==typeof a.getPublicKey)try{const t=a.getPublicKey();null!==t&&(l=d(t))}catch(t){E("getPublicKey()",t)}if("function"==typeof a.getAuthenticatorData)try{g=d(a.getAuthenticatorData())}catch(t){E("getAuthenticatorData()",t)}return{id:i,rawId:d(r),response:{attestationObject:d(a.attestationObject),clientDataJSON:d(a.clientDataJSON),transports:c,publicKeyAlgorithm:u,publicKey:l,authenticatorData:g},type:s,clientExtensionResults:o.getClientExtensionResults(),authenticatorAttachment:b(o.authenticatorAttachment)}}function E(t,e){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${t}. You should report this error to them.\n`,e)}async function A(t,e=!1){if(!p())throw new Error("WebAuthn is not supported in this browser");let n;0!==t.allowCredentials?.length&&(n=t.allowCredentials?.map(f));const o={...t,challenge:h(t.challenge),allowCredentials:n},i={};if(e){if(!await function(){const t=window.PublicKeyCredential;return void 0===t.isConditionalMediationAvailable?new Promise((t=>t(!1))):t.isConditionalMediationAvailable()}())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete$='webauthn']").length<1)throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');i.mediation="conditional",o.allowCredentials=[]}let r;i.publicKey=o,i.signal=y.createNewAbortSignal();try{r=await navigator.credentials.get(i)}catch(t){throw function({error:t,options:e}){const{publicKey:n}=e;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(e.signal instanceof AbortSignal)return new w({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new w({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){const e=window.location.hostname;if(!m(e))return new w({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==e)return new w({message:`The RP ID "${n.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new w({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:t,options:i})}if(!r)throw new Error("Authentication was not completed");const{id:a,rawId:s,response:c,type:u}=r;let l;var g;return c.userHandle&&(g=c.userHandle,l=new TextDecoder("utf-8").decode(g)),{id:a,rawId:d(s),response:{authenticatorData:d(c.authenticatorData),clientDataJSON:d(c.clientDataJSON),signature:d(c.signature),userHandle:l},type:u,clientExtensionResults:r.getClientExtensionResults(),authenticatorAttachment:b(r.authenticatorAttachment)}}var R=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.tenantId=n,this.baseUrl=e}return t.prototype.registrationOptions=function(t){var e=t.token,n=t.userName,o=t.authenticatorAttachment;return u(this,void 0,void 0,(function(){var t;return l(this,(function(i){switch(i.label){case 0:return t=Boolean(o)?{username:n,authenticatorAttachment:o}:{username:n},[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/registration-options"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(t)})];case 1:return[2,i.sent().json()]}}))}))},t.prototype.authenticationOptions=function(t){var e=t.token;return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey/authentication-options"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify({})})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.addAuthenticator=function(t){var e=t.token,n=c(t,["token"]);return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(n)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.verify=function(t){var e=t.token,n=c(t,["token"]);return u(this,void 0,void 0,(function(){return l(this,(function(t){switch(t.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/verify/passkey"),{method:"POST",headers:this.buildHeaders(e),body:JSON.stringify(n)})];case 1:return[2,t.sent().json()]}}))}))},t.prototype.getPasskeyAuthenticator=function(t){return u(this,void 0,void 0,(function(){var e;return l(this,(function(n){switch(n.label){case 0:return[4,fetch("".concat(this.baseUrl,"/client/user-authenticators/passkey?credentialId=").concat(t),{method:"GET",headers:this.buildHeaders()})];case 1:if(!(e=n.sent()).ok)throw new Error(e.statusText);return[2,e.json()]}}))}))},t.prototype.buildHeaders=function(t){return{"Content-Type":"application/json",Authorization:t?"Bearer ".concat(t):"Basic ".concat(window.btoa(encodeURIComponent(this.tenantId)))}},t}(),_=function(){function t(t){var e=t.baseUrl,n=t.tenantId;this.passkeyLocalStorageKey="as_passkey_credential_id",this.api=new R({baseUrl:e,tenantId:n})}return t.prototype.signUp=function(t){var e=t.userName,n=t.token,o=t.authenticatorAttachment,i=void 0===o?"platform":o;return u(this,void 0,void 0,(function(){var t,o,r;return l(this,(function(a){switch(a.label){case 0:return[4,this.api.registrationOptions({userName:e,token:n,authenticatorAttachment:i})];case 1:return[4,v((t=a.sent()).options)];case 2:return o=a.sent(),[4,this.api.addAuthenticator({challengeId:t.challengeId,registrationCredential:o,token:n})];case 3:return(null==(r=a.sent())?void 0:r.isVerified)&&this.storeCredentialAgainstDevice(o),[2,null==r?void 0:r.accessToken]}}))}))},t.prototype.signIn=function(t){return u(this,void 0,void 0,(function(){var e,n,o;return l(this,(function(i){switch(i.label){case 0:if((null==t?void 0:t.token)&&t.autofill)throw new Error("Autofill is not supported when providing a token");return[4,this.api.authenticationOptions({token:null==t?void 0:t.token})];case 1:return[4,A((e=i.sent()).options,null==t?void 0:t.autofill)];case 2:return n=i.sent(),[4,this.api.verify({challengeId:e.challengeId,authenticationCredential:n,token:null==t?void 0:t.token})];case 3:return(null==(o=i.sent())?void 0:o.isVerified)&&this.storeCredentialAgainstDevice(n),[2,null==o?void 0:o.accessToken]}}))}))},t.prototype.isAvailableOnDevice=function(){return u(this,void 0,void 0,(function(){var t;return l(this,(function(e){switch(e.label){case 0:if(!(t=localStorage.getItem(this.passkeyLocalStorageKey)))return[2,!1];e.label=1;case 1:return e.trys.push([1,3,,4]),[4,this.api.getPasskeyAuthenticator(t)];case 2:return e.sent(),[2,!0];case 3:return e.sent(),[2,!1];case 4:return[2]}}))}))},t.prototype.storeCredentialAgainstDevice=function(t){var e=t.id;"cross-platform"!==t.authenticatorAttachment&&localStorage.setItem(this.passkeyLocalStorageKey,e)},t}(),O=function(){function t(){this.windowRef=null}return t.prototype.show=function(t){var e=t.url,n=t.width,o=void 0===n?400:n,i=t.height,r=function(t){var e=t.url,n=t.width,o=t.height,i=t.win;if(!i.top)return null;var r=i.top.outerHeight/2+i.top.screenY-o/2,a=i.top.outerWidth/2+i.top.screenX-n/2;return window.open(e,"","toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width=".concat(n,", height=").concat(o,", top=").concat(r,", left=").concat(a))}({url:e,width:o,height:void 0===i?500:i,win:window});if(!r)throw new Error("Window is not initialized");return this.windowRef=r,r},t.prototype.close=function(){if(!this.windowRef)throw new Error("Window is not initialized");this.windowRef.close()},t}();const I=":not([inert]):not([inert] *)",C=':not([tabindex^="-"])',S=":not(:disabled)";var k=[`a[href]${I}${C}`,`area[href]${I}${C}`,`input:not([type="hidden"]):not([type="radio"])${I}${C}${S}`,`input[type="radio"]${I}${C}${S}`,`select${I}${C}${S}`,`textarea${I}${C}${S}`,`button${I}${C}${S}`,`details${I} > summary:first-of-type${C}`,`iframe${I}${C}`,`audio[controls]${I}${C}`,`video[controls]${I}${C}`,`[contenteditable]${I}${C}`,`[tabindex]${I}${C}`];function $(t){(t.querySelector("[autofocus]")||t).focus()}function P(t,e){if(e&&N(t))return t;if(!((n=t).shadowRoot&&"-1"===n.getAttribute("tabindex")||n.matches(":disabled,[hidden],[inert]")))if(t.shadowRoot){let n=T(t.shadowRoot,e);for(;n;){const t=P(n,e);if(t)return t;n=U(n,e)}}else if("slot"===t.localName){const n=t.assignedElements({flatten:!0});e||n.reverse();for(const t of n){const n=P(t,e);if(n)return n}}else{let n=T(t,e);for(;n;){const t=P(n,e);if(t)return t;n=U(n,e)}}var n;return!e&&N(t)?t:null}function T(t,e){return e?t.firstElementChild:t.lastElementChild}function U(t,e){return e?t.nextElementSibling:t.previousElementSibling}const N=t=>!t.shadowRoot?.delegatesFocus&&(t.matches(k.join(","))&&!(t=>!(!t.matches("details:not([open]) *")||t.matches("details>summary:first-of-type"))||!(t.offsetWidth||t.offsetHeight||t.getClientRects().length))(t));function D(t=document){const e=t.activeElement;return e?e.shadowRoot?D(e.shadowRoot)||document.activeElement:e:null}function x(t,e){const[n,o]=function(t){const e=P(t,!0);return[e,e?P(t,!1)||e:null]}(t);if(!n)return e.preventDefault();const i=D();e.shiftKey&&i===n?(o.focus(),e.preventDefault()):e.shiftKey||i!==o||(n.focus(),e.preventDefault())}class L{$el;id;previouslyFocused;shown;constructor(t){this.$el=t,this.id=this.$el.getAttribute("data-a11y-dialog")||this.$el.id,this.previouslyFocused=null,this.shown=!1,this.maintainFocus=this.maintainFocus.bind(this),this.bindKeypress=this.bindKeypress.bind(this),this.handleTriggerClicks=this.handleTriggerClicks.bind(this),this.show=this.show.bind(this),this.hide=this.hide.bind(this),this.$el.setAttribute("aria-hidden","true"),this.$el.setAttribute("aria-modal","true"),this.$el.setAttribute("tabindex","-1"),this.$el.hasAttribute("role")||this.$el.setAttribute("role","dialog"),document.addEventListener("click",this.handleTriggerClicks,!0)}destroy(){return this.hide(),document.removeEventListener("click",this.handleTriggerClicks,!0),this.$el.replaceWith(this.$el.cloneNode(!0)),this.fire("destroy"),this}show(t){return this.shown||(this.shown=!0,this.$el.removeAttribute("aria-hidden"),this.previouslyFocused=D(),"BODY"===this.previouslyFocused?.tagName&&t?.target&&(this.previouslyFocused=t.target),"focus"===t?.type?this.maintainFocus(t):$(this.$el),document.body.addEventListener("focus",this.maintainFocus,!0),this.$el.addEventListener("keydown",this.bindKeypress,!0),this.fire("show",t)),this}hide(t){return this.shown?(this.shown=!1,this.$el.setAttribute("aria-hidden","true"),this.previouslyFocused?.focus?.(),document.body.removeEventListener("focus",this.maintainFocus,!0),this.$el.removeEventListener("keydown",this.bindKeypress,!0),this.fire("hide",t),this):this}on(t,e,n){return this.$el.addEventListener(t,e,n),this}off(t,e,n){return this.$el.removeEventListener(t,e,n),this}fire(t,e){this.$el.dispatchEvent(new CustomEvent(t,{detail:e,cancelable:!0}))}handleTriggerClicks(t){const e=t.target;e.closest(`[data-a11y-dialog-show="${this.id}"]`)&&this.show(t),(e.closest(`[data-a11y-dialog-hide="${this.id}"]`)||e.closest("[data-a11y-dialog-hide]")&&e.closest('[aria-modal="true"]')===this.$el)&&this.hide(t)}bindKeypress(t){if(document.activeElement?.closest('[aria-modal="true"]')!==this.$el)return;let e=!1;try{e=!!this.$el.querySelector('[popover]:not([popover="manual"]):popover-open')}catch{}"Escape"!==t.key||"alertdialog"===this.$el.getAttribute("role")||e||(t.preventDefault(),this.hide(t)),"Tab"===t.key&&x(this.$el,t)}maintainFocus(t){t.target.closest('[aria-modal="true"], [data-a11y-dialog-ignore-focus-trap]')||$(this.$el)}}function K(){for(const t of document.querySelectorAll("[data-a11y-dialog]"))new L(t)}"undefined"!=typeof document&&("loading"===document.readyState?document.addEventListener("DOMContentLoaded",K):K());var H="__authsignal-popup-container",W="__authsignal-popup-content",M="__authsignal-popup-overlay",j="__authsignal-popup-style",q="__authsignal-popup-iframe",F="385px",G=function(){function t(t){var e=t.width,n=t.isClosable;if(this.popup=null,document.querySelector("#".concat(H)))throw new Error("Multiple instances of Authsignal popup is not supported.");this.create({width:e,isClosable:n})}return t.prototype.create=function(t){var e=this,n=t.width,o=void 0===n?F:n,i=t.isClosable,r=void 0===i||i,a=o;CSS.supports("width",o)||(console.warn("Invalid CSS value for `popupOptions.width`. Using default value instead."),a=F);var s=document.createElement("div");s.setAttribute("id",H),s.setAttribute("aria-hidden","true"),r||s.setAttribute("role","alertdialog");var c=document.createElement("div");c.setAttribute("id",M),r&&c.setAttribute("data-a11y-dialog-hide","true");var u=document.createElement("div");u.setAttribute("id",W),document.body.appendChild(s);var l=document.createElement("style");l.setAttribute("id",j),l.textContent="\n      #".concat(H,",\n      #").concat(M," {\n        position: fixed;\n        top: 0;\n        right: 0;\n        bottom: 0;\n        left: 0;\n      }\n\n      #").concat(H," {\n        z-index: 2147483647;\n        display: flex;\n      }\n\n      #").concat(H,"[aria-hidden='true'] {\n        display: none;\n      }\n\n      #").concat(M," {\n        background-color: rgba(0, 0, 0, 0.18);\n      }\n\n      #").concat(W," {\n        margin: auto;\n        z-index: 2147483647;\n        position: relative;\n        background-color: transparent;\n        border-radius: 8px;\n        width: ").concat(a,";\n      }\n\n      #").concat(W," iframe {\n        width: 1px;\n        min-width: 100%;\n        border-radius: inherit;\n        max-height: 95vh;\n        height: ").concat("384px",";\n      }\n    "),document.head.insertAdjacentElement("beforeend",l),s.appendChild(c),s.appendChild(u),this.popup=new L(s),this.popup.on("hide",(function(){e.destroy()}))},t.prototype.destroy=function(){var t=document.querySelector("#".concat(H)),e=document.querySelector("#".concat(j));t&&e&&(document.body.removeChild(t),document.head.removeChild(e)),window.removeEventListener("message",V)},t.prototype.show=function(t){var e,n=t.url;if(!this.popup)throw new Error("Popup is not initialized");var o=document.createElement("iframe");o.setAttribute("id",q),o.setAttribute("name","authsignal"),o.setAttribute("title","Authsignal multi-factor authentication"),o.setAttribute("src",n),o.setAttribute("frameborder","0"),o.setAttribute("allow","publickey-credentials-get *; publickey-credentials-create *; clipboard-write");var i=document.querySelector("#".concat(W));i&&i.appendChild(o),window.addEventListener("message",V),null===(e=this.popup)||void 0===e||e.show()},t.prototype.close=function(){if(!this.popup)throw new Error("Popup is not initialized");this.popup.hide()},t.prototype.on=function(t,e){if(!this.popup)throw new Error("Popup is not initialized");this.popup.on(t,e)},t}();function V(t){var e=document.querySelector("#".concat(q));e&&t.data.height&&(e.style.height=t.data.height+"px")}var z="4a08uqve",B=function(){function e(t){var e=t.cookieDomain,n=t.cookieName,o=void 0===n?"__as_aid":n,i=t.baseUrl,r=void 0===i?"https://api.authsignal.com/v1":i,c=t.tenantId;if(this.anonymousId="",this.profilingId="",this.cookieDomain="",this.anonymousIdCookieName="",this._token=void 0,this.cookieDomain=e||document.location.hostname.replace("www.",""),this.anonymousIdCookieName=o,!c)throw new Error("tenantId is required");this.passkey=new _({tenantId:c,baseUrl:r});var u,l=(u=this.anonymousIdCookieName)&&decodeURIComponent(document.cookie.replace(new RegExp("(?:(?:^|.*;)\\s*"+encodeURIComponent(u).replace(/[\-\.\+\*]/g,"\\$&")+"\\s*\\=\\s*([^;]*).*$)|^.*$"),"$1"))||null;l?this.anonymousId=l:(this.anonymousId=a(),s({name:this.anonymousIdCookieName,value:this.anonymousId,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol}))}return e.prototype.launch=function(t,e){switch(null==e?void 0:e.mode){case"window":return this.launchWithWindow(t,e);case"popup":return this.launchWithPopup(t,e);default:this.launchWithRedirect(t)}},e.prototype.initAdvancedProfiling=function(t){var e=a();this.profilingId=e,s({name:"__as_pid",value:e,expire:1/0,domain:this.cookieDomain,secure:"http:"!==document.location.protocol});var n=t?"".concat(t,"/fp/tags.js?org_id=").concat(z,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags.js?org_id=".concat(z,"&session_id=").concat(e),o=document.createElement("script");o.src=n,o.async=!1,o.id="as_adv_profile",document.head.appendChild(o);var i=document.createElement("noscript");i.setAttribute("id","as_adv_profile_pixel"),i.setAttribute("aria-hidden","true");var r=document.createElement("iframe"),c=t?"".concat(t,"/fp/tags?org_id=").concat(z,"&session_id=").concat(e):"https://h.online-metrix.net/fp/tags?org_id=".concat(z,"&session_id=").concat(e);r.setAttribute("id","as_adv_profile_pixel"),r.setAttribute("src",c),r.setAttribute("style","width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;"),i&&(i.appendChild(r),document.body.prepend(i))},e.prototype.launchWithRedirect=function(t){window.location.href=t},e.prototype.launchWithPopup=function(e,n){var o=this,i=n.popupOptions,r=new G({width:null==i?void 0:i.width,isClosable:null==i?void 0:i.isClosable}),a="".concat(e,"&mode=popup");return r.show({url:a}),new Promise((function(e){r.on("hide",(function(){e({token:o._token})})),window.addEventListener("message",(function(e){var n=null;try{n=JSON.parse(e.data)}catch(t){}(null==n?void 0:n.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(o._token=n.token,r.close())}),!1)}))},e.prototype.launchWithWindow=function(e,n){var o=this,i=n.windowOptions,r=new O,a="".concat(e,"&mode=popup");return r.show({url:a,width:null==i?void 0:i.width,height:null==i?void 0:i.height}),new Promise((function(e){window.addEventListener("message",(function(n){var i=null;try{i=JSON.parse(n.data)}catch(t){}(null==i?void 0:i.event)===t.AuthsignalWindowMessage.AUTHSIGNAL_CLOSE_POPUP&&(o._token=i.token,r.close(),e({token:o._token}))}),!1)}))},e}();return t.Authsignal=B,Object.defineProperty(t,"__esModule",{value:!0}),t}({});

package/dist/passkey.d.ts

@@ -1,4 +1,5 @@
 import { PasskeyApiClient } from "./api";
+import { AuthenticatorAttachment } from "@simplewebauthn/types";
 declare type PasskeyOptions = {
     baseUrl: string;
     tenantId: string;
@@ -6,11 +7,13 @@ declare type PasskeyOptions = {
 declare type SignUpParams = {
     userName?: string;
     token: string;
+    authenticatorAttachment?: AuthenticatorAttachment | null;
 };
 export declare class Passkey {
     api: PasskeyApiClient;
+    private passkeyLocalStorageKey;
     constructor({ baseUrl, tenantId }: PasskeyOptions);
-    signUp({ userName, token }: SignUpParams): Promise<string | undefined>;
+    signUp({ userName, token, authenticatorAttachment }: SignUpParams): Promise<string | undefined>;
     signIn(): Promise<string | undefined>;
     signIn(params?: {
         token: string;
@@ -18,5 +21,7 @@ export declare class Passkey {
     signIn(params?: {
         autofill: boolean;
     }): Promise<string | undefined>;
+    isAvailableOnDevice(): Promise<boolean>;
+    private storeCredentialAgainstDevice;
 }
 export {};

package/dist/types.d.ts

@@ -19,6 +19,10 @@ export declare type PopupLaunchOptions = BaseLaunchOptions & {
          * @deprecated The popup will automatically resize to fit the content.
          */
         height?: string;
+        /**
+         * Whether the popup is closable with the escape key and by clicking the backdrop.
+         */
+        isClosable?: boolean;
     };
 };
 export declare type WindowLaunchOptions = BaseLaunchOptions & {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@authsignal/browser",
-  "version": "0.3.7",
+  "version": "0.4.1",
   "type": "module",
   "main": "dist/index.js",
   "module": "dist/index.js",
@@ -30,7 +30,7 @@
     "@fingerprintjs/fingerprintjs": "^3.3.6",
     "@simplewebauthn/browser": "^9.0.1",
     "@simplewebauthn/types": "^9.0.1",
-    "a11y-dialog": "^7.5.2",
+    "a11y-dialog": "8.0.4",
     "uuid": "^9.0.0"
   },
   "devDependencies": {